Model Checking Distributed Software

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Model Checking Distributed Software"

Transcription

1 Model Checking Distributed Software Sagar Chaki September 19, 2014 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213

2 Model Checking and Me 1997 : Ed visits IIT Kharagpur Just finished 2 nd year undergrad Couldn t understand most of the talks : Final year UG Developed symbolic model checker, read papers, found a typo EMC (Era of Model Checking) : CMU PhD Some of the best years of my life Did not coin the term CEGAR Ed, Martha, Pankaj, Somesh, Orna, Helmut, Daniel, Joel, Present: SEI Verifying Cyber Physical Systems Meetings & Lunch in my office responding to 33 2

3 Motivation Distributed algorithms have always been important File Systems, Resource Allocation, Internet, Increasingly becoming safety-critical Robotic, transportation, energy, medical Prove correctness of distributed algorithm implementations Pseudo-code is verified manually (semantic gap) Implementations are heavily tested (low coverage) Model-Driven Verifying Compilation of Synchronous Distributed Applications, Sagar Chaki, James Edmondson, Proc. of MODELS 2014, to appear 3

4 Approach : Verification + Code Generation Program in Domain Specific Language Distributed Application Safety Specification Debug Application, Refine Specification Failure Verification Success The Verifying Compiler: A Grand Challenge for computing research Code Generation Tony Hoare Binary Run on Physical Device Run within simulator 4

5 Verification Model Checking Program in Domain Specific Language Distributed Application Safety Specification Automatic verification technique for finite state concurrent systems. Sequentialization (assuming synchronous communication) Developed independently by Clarke and Emerson and by Queille and Sifakis in early 1980 s. ACM Turing Award 2007 Single-Threaded C Program Specifications are written in propositional temporal logic. (Pnueli 77) Failure Software Model Checking (CBMC, BLAST etc.) Success Computation Tree Logic (CTL), Linear Temporal Logic (LTL), Verification procedure is an intelligent exhaustive search of the state space of the design 5

6 Code Generation Program in Domain Specific Language MADARA Middleware A database of facts: DD = VVV VVVVV Distributed Application Safety Specification Node i has a local copy: DB i update DB i arbitrarily publish new variable mappings Immediate or delayed Add synchronizer protocol Multiple variable mappings transmitted atomically Implicit receive thread on each node C++/MADARA Program Compile (g++,clang,msvc, etc.) Binary Receives and processes variable updates from other nodes Updates ordered via Lamport clocks Portable to different OSes (Windows, Linux, Android etc.) and networking technology (TCP/IP, UDP, DDS etc.) 6

7 Case Study: Synchronous Collision Avoidance

8 Example: Synchronous Collision Avoidance (0,3) (3,3) Y Reserve Reserve Reserve (0,0) X (3,0) 8

9 Example: Synchronous Collision Avoidance (0,3) (3,3) Y Reserve Reserve (0,0) X Reserve (3,0) 9

10 Example: Synchronous Collision Avoidance (0,3) (3,3) Y Reservation Contention Resolved based on Node ID. No collision possible if no over-booking. Potential Collision (0,0) X (3,0) 10

11 Collision Avoidance Protocol If time to move to next coordinate REQUEST If no other node is locking the next coordinate NEXT WAITING Reached the next coordinate MOVE If no other node with higher id is trying to lock the next coordinate Moving to the next coordinate 11

12 Synchronous Collision Avoidance Code MOC_SYNC; CONST X = 4; CONST Y = 4; CONST NEXT = 0; CONST REQUEST = 1; CONST WAITING = 2; CONST MOVE = 3; EXTERN int MOVE_TO (unsigned char x, unsigned char y); NODE uav (id) { } void INIT () { } void SAFETY { } NODE uav (id) { GLOBAL bool lock [X][Y][#N]; LOCAL int state,x,y,xp,yp,xf,yf; void NEXT_XY () { } void ROUND () { if(state == NEXT) { state = REQUEST; } else if(state == REQUEST) { state = WAITING; } else if(state == WAITING) { state = MOVE; } else if(state == MOVE) { state = NEXT; } } } INIT { FORALL_NODE(id) state.id = NEXT; //assign x.id and y.id non-deterministically //assume they are within the correct range //assign lock[x.id][y.id][id] appropriately //nodes don t collide initially FORALL_DISTINCT_NODE_PAIR (id1,id2) ASSUME(x.id1!= x.id2 y.id1!= y.id2); } SAFETY { FORALL_DISTINCT_NODE_PAIR (id1,id2) ASSERT(x.id1!= x.id2 y.id1!= y.id2); } 12

13 Synchronous Collision Avoidance Code if(state == NEXT) { //compute next point on route if(x == xf && y == yf) return; NEXT_XY(); state = REQUEST; } else if(state == REQUEST) { //request the lock but only if it is free if(exists_other(idp,lock[xp][yp][idp]!= 0)) return; lock[xp][yp][id] = 1; else if(state == MOVE) { //now we have the lock on (xp,yp) if(move_to()) return; lock[x ][y][id] = 0; x = xp; y = yp; state = NEXT; } state = WAITING; } else if(state == WAITING) { //grab the lock if we are the highest //id node to request or hold the lock if(exists_higher(idp, lock[xp][yp][idp]!= 0)) return; state = MOVE; } 13

14 Tool Usage Project webpage (http://mcda.googlecode.com) Tutorial (https://code.google.com/p/mcda/wiki/tutorial) Verification daslc --nodes 3 --seq --rounds 3 --seq-dbl --out tutorial-02.c tutorial- 02.dasl cbmc tutorial-02.c (takes about 10s to verify) Code generation & simulation daslc --nodes 3 --madara --vrep --out tutorial-02.cpp tutorial-02.dasl g++ mcda-vrep.sh 3 outdir./tutorial-02 14

15 Demonstration: Synchronous Collision Avoidance

16 Questions?

17 Copyright 2014 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No. FA C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. This material has been approved for public release and unlimited distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at DM

18 Contact Information Slide Format Sagar Chaki Principal Researcher SSD/CSC Telephone: Web U.S. Mail Software Engineering Institute Customer Relations 4500 Fifth Avenue Pittsburgh, PA USA Customer Relations Telephone: SEI Phone: SEI Fax:

Applying Software Quality Models to Software Security

Applying Software Quality Models to Software Security Applying Software Quality Models to Software Security Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Carol Woody, Ph.D. April 21, 2015 Copyright 2015 Carnegie Mellon University

More information

Evaluating the Quality of Software Engineering Performance Data

Evaluating the Quality of Software Engineering Performance Data Evaluating the Quality of Software Engineering Performance Data James Over Software Engineering Institute Carnegie Mellon University July 2014 Copyright 2014 Carnegie Mellon University This material is

More information

Moving Target Reference Implementation

Moving Target Reference Implementation CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Moving Target Reference Implementation Software Engineering Institute, Carnegie Mellon University Andrew O. Mellinger December 17, 2014

More information

Merging Network Configuration and Network Traffic Data in ISP-Level Analyses

Merging Network Configuration and Network Traffic Data in ISP-Level Analyses Merging Network Configuration and Network Traffic Data in ISP-Level Analyses Timothy J. Shimeall, Ph.D. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Presentation Title

More information

Contracting Officer s Representative (COR) Interactive SharePoint Wiki

Contracting Officer s Representative (COR) Interactive SharePoint Wiki Contracting Officer s Representative (COR) Interactive SharePoint Wiki James Smith Andy Boyd Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material

More information

UFO: Verification with Interpolants and Abstract Interpretation

UFO: Verification with Interpolants and Abstract Interpretation : Verification with Interpolants and Abstract Interpretation and Sagar Chaki Software Engineering Institute Carnegie Mellon University Aws Albarghouthi, Yi i and Marsha Chechik University of Toronto A

More information

Resolving Chaos Arising from Agile Software Development

Resolving Chaos Arising from Agile Software Development Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 523 Author Date High Level Alternatives Approach. Blame the Agile development process, fire the folks who are controlling it and

More information

Assurance Cases for Design Analysis of Complex System of Systems Software

Assurance Cases for Design Analysis of Complex System of Systems Software Assurance Cases for Design Analysis of Complex System of Systems Software Presented at AIAA Infotech@Aerospace Conference Software Assurance Session 8 April 2009 Stephen Blanchette, Jr. Problem: SoS are

More information

Data Management Maturity (DMM) Model Update

Data Management Maturity (DMM) Model Update Data Management Maturity (DMM) Model Update Rawdon Young November 2012 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Contents / Agenda The DMM SEI Observations on Core

More information

Extending AADL for Security Design Assurance of the Internet of Things

Extending AADL for Security Design Assurance of the Internet of Things Extending AADL for Security Design Assurance of the Internet of Things Presented by Rick Kazman, PhD Team: Carol Woody (PI), Rick Kazman, Robert Ellison, John Hudak, Allen Householder Software Engineering

More information

Kurt Wallnau Senior Member of Technical Staff

Kurt Wallnau Senior Member of Technical Staff Engineering Realistic Synthetic Insider Threat (Cyber-Social) Test Data Kurt Wallnau Senior Member of Technical Staff Dr. Kurt Wallnau joined the SEI in 1993. He joined CERT Science of Cyber-Security (SoCS)

More information

VoIP in Flow A Beginning

VoIP in Flow A Beginning VoIP in Flow A Beginning Nathan Dell CERT/NetSA 2013 Carnegie Mellon University Legal Copyright 2013 Carnegie Mellon University This material is based upon work funded and supported by the Department of

More information

Software Architecture for Big Data Systems. Ian Gorton Senior Member of the Technical Staff - Architecture Practices

Software Architecture for Big Data Systems. Ian Gorton Senior Member of the Technical Staff - Architecture Practices Software Architecture for Big Data Systems Ian Gorton Senior Member of the Technical Staff - Architecture Practices Ian Gorton is investigating issues related to software architecture at scale. This includes

More information

Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) (Case Study) James Stevens Senior Member, Technical Staff - CERT Division

Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) (Case Study) James Stevens Senior Member, Technical Staff - CERT Division Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) (Case Study) James Stevens Senior Member, Technical Staff - CERT Division James Stevens is a senior member of the technical staff

More information

2012 CyberSecurity Watch Survey

2012 CyberSecurity Watch Survey 2012 CyberSecurity Watch Survey Unknown How 24 % Bad is the Insider Threat? 51% 2007-2013 Carnegie Mellon University 2012 Carnegie Mellon University NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY

More information

Assurance in Service-Oriented Environments

Assurance in Service-Oriented Environments Assurance in Service-Oriented Environments Soumya Simanta Research, Technology, and System Solutions (RTSS) Program Software Engineering Institute Carnegie Mellon University Pittsburgh 15232 28 th October,

More information

Network Monitoring for Cyber Security

Network Monitoring for Cyber Security Network Monitoring for Cyber Security Paul Krystosek, PhD CERT Network Situational Awareness 2006 Carnegie Mellon University What s Coming Up The scope of network monitoring Cast of characters Descriptions

More information

Automated Provisioning of Cloud and Cloudlet Applications

Automated Provisioning of Cloud and Cloudlet Applications Automated Provisioning of Cloud and Cloudlet Applications Secure and Assured Mobile Computing Components Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Jeff Boleng, PhD

More information

Architecture Patterns for Mobile Systems in Resource- Constrained Environments

Architecture Patterns for Mobile Systems in Resource- Constrained Environments Architecture Patterns for Mobile Systems in Resource- Constrained Environments Grace A. Lewis Advanced Mobile Systems Initiative May 2, 2013 Minneapolis, MN USA Motivation First responders, soldiers and

More information

A Systematic Method for Big Data Technology Selection

A Systematic Method for Big Data Technology Selection A Systematic Method for Big Data Technology Selection John Klein Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material is based upon work funded

More information

Formal Verification by Model Checking

Formal Verification by Model Checking Formal Verification by Model Checking Natasha Sharygina Carnegie Mellon University Guest Lectures at the Analysis of Software Artifacts Class, Spring 2005 1 Outline Lecture 1: Overview of Model Checking

More information

Cyber Intelligence Workforce

Cyber Intelligence Workforce Cyber Intelligence Workforce Troy Townsend Melissa Kasan Ludwick September 17, 2013 Agenda Project Background Research Methodology Findings Training and Education Project Findings Workshop Results Objectives

More information

Network Analysis with isilk

Network Analysis with isilk Network Analysis with isilk Presented at FloCon 2011 Ron Bandes CERT Network Situational Awareness (NetSA) Group 2011 Carnegie Mellon University 2011 Carnegie Mellon University NO WARRANTY THIS MATERIAL

More information

Getting Started with Service- Oriented Architecture (SOA) Terminology

Getting Started with Service- Oriented Architecture (SOA) Terminology Getting Started with - Oriented Architecture (SOA) Terminology Grace Lewis September 2010 -Oriented Architecture (SOA) is a way of designing, developing, deploying, and managing systems it is neither a

More information

Model Checking II Temporal Logic Model Checking

Model Checking II Temporal Logic Model Checking 1/32 Model Checking II Temporal Logic Model Checking Edmund M Clarke, Jr School of Computer Science Carnegie Mellon University Pittsburgh, PA 15213 2/32 Temporal Logic Model Checking Specification Language:

More information

Supply-Chain Risk Management Framework

Supply-Chain Risk Management Framework Supply-Chain Risk Management Framework Carol Woody March 2010 Scope of SEI Work Context Significantly reduce the risk (any where in the supply chain) that an unauthorized party can change the behavior

More information

Exploring the Interactions Between Network Data Analysis and Security Information/Event Management

Exploring the Interactions Between Network Data Analysis and Security Information/Event Management Exploring the Interactions Between Network Data Analysis and Security Information/Event Management Timothy J. Shimeall CERT Network Situational Awareness (NetSA) Group January 2011 2011 Carnegie Mellon

More information

The Course. http://www.cse.unsw.edu.au/~cs3153/

The Course. http://www.cse.unsw.edu.au/~cs3153/ The Course http://www.cse.unsw.edu.au/~cs3153/ Lecturers Dr Peter Höfner NICTA L5 building Prof Rob van Glabbeek NICTA L5 building Dr Ralf Huuck NICTA ATP building 2 Plan/Schedule (1) Where and When Tuesday,

More information

Overview. CMU/SEI Cyber Innovation Center. Dynamic On-Demand High-Performance Computing System. KVM and Hypervisor Security.

Overview. CMU/SEI Cyber Innovation Center. Dynamic On-Demand High-Performance Computing System. KVM and Hypervisor Security. KVM and Hypervisor Security David Shepard and Matt Gaston CMU/SEI Cyber Innovation Center February 2012 2012 by Carnegie Mellon University. Published SEI PROPRIETARY INFORMATION. Distribution: Director

More information

Elasticsearch, Logstash, and Kibana (ELK)

Elasticsearch, Logstash, and Kibana (ELK) Elasticsearch, Logstash, and Kibana (ELK) Dwight Beaver dsbeaver@cert.org Sean Hutchison shutchison@cert.org January 2015 2014 Carnegie Mellon University This material is based upon work funded and supported

More information

Building Resilient Systems: The Secure Software Development Lifecycle

Building Resilient Systems: The Secure Software Development Lifecycle Building Resilient Systems: The Secure Software Development Lifecycle Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213, PhD Technical Director, CERT mssherman@sei.cmu.edu

More information

Common Testing Problems: Pitfalls to Prevent and Mitigate

Common Testing Problems: Pitfalls to Prevent and Mitigate : Pitfalls to Prevent and Mitigate AIAA Case Conference 12 September 2012 Donald Firesmith Software Engineering Institute (SEI) Carnegie Mellon University Pittsburgh, PA 15213 Clarification and Caveat

More information

Monitoring Trends in Network Flow for Situational Awareness

Monitoring Trends in Network Flow for Situational Awareness Monitoring Trends in Network Flow for Situational Awareness SEI CERT NetSA 2011 Carnegie Mellon University NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE

More information

Penetration Testing Tools

Penetration Testing Tools Penetration Testing Tools Ken van Wyk January 2007 ABSTRACT: This article provides a primer on the most commonly used tools for traditional penetration testing. (A related article provides an overview

More information

Architectural Implications of Cloud Computing

Architectural Implications of Cloud Computing Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,

More information

Buyer Beware: How To Be a Better Consumer of Security Maturity Models

Buyer Beware: How To Be a Better Consumer of Security Maturity Models Buyer Beware: How To Be a Better Consumer of Security Maturity Models SESSION ID: GRC-R01 Julia Allen Software Engineering Institute Carnegie Mellon University jha@sei.cmu.edu Nader Mehravari Software

More information

Using Domain Name Registrant Information To Identify Malicious Domains

Using Domain Name Registrant Information To Identify Malicious Domains Using Domain Name Registrant Information To Identify Malicious Domains Mark Langston Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Do Bad Actors Use Fake Addresses? Copyright

More information

T-79.186 Reactive Systems: Introduction and Finite State Automata

T-79.186 Reactive Systems: Introduction and Finite State Automata T-79.186 Reactive Systems: Introduction and Finite State Automata Timo Latvala 14.1.2004 Reactive Systems: Introduction and Finite State Automata 1-1 Reactive Systems Reactive systems are a class of software

More information

Experiences in Migrations of Legacy Systems

Experiences in Migrations of Legacy Systems Experiences in Migrations of Legacy Systems Bill Wood, Mike Gagliardi, and Phil Bianco Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material is

More information

Agile Development and Software Architecture: Understanding Scale and Risk

Agile Development and Software Architecture: Understanding Scale and Risk Agile Development and Software Architecture: Understanding Scale and Risk Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Robert L. Nord SSTC, April 2012 In collaboration

More information

Building a Body of Knowledge for ICT Supply Chain Risk Management

Building a Body of Knowledge for ICT Supply Chain Risk Management Building a Body of Knowledge for ICT Supply Chain Risk Management Dan Shoemaker Nancy Mead May 2013 ABSTRACT: This paper proposes a set of Supply Chain Risk Management (SCRM) activities and practices for

More information

$100 SiLK Network Flow Sensor

$100 SiLK Network Flow Sensor $100 SiLK Network Flow Sensor Ron Bandes John Badertscher Dwight Beaver 1 Copyright 2014 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under

More information

emontage: An Architecture for Rapid Integration of Situational Awareness Data at the Edge

emontage: An Architecture for Rapid Integration of Situational Awareness Data at the Edge emontage: An Architecture for Rapid Integration of Situational Awareness Data at the Edge Soumya Simanta Gene Cahill Ed Morris Motivation Situational Awareness First responders and others operating in

More information

Abuse of CPE Devices and Recommended Fixes

Abuse of CPE Devices and Recommended Fixes Abuse of CPE Devices and Recommended Fixes Dr. Paul Vixie (Farsight Security, Inc.) Chris Hallenbeck (US-CERT, DHS) Jonathan Spring (CERT/CC, Carnegie Mellon) August 7, 2014 Black Hat USA 2014 2014 Carnegie

More information

Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification

Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification Introduction Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification Advanced Topics in Software Engineering 1 Concurrent Programs Characterized by

More information

CMMI for SCAMPI SM Class A Appraisal Results 2011 End-Year Update

CMMI for SCAMPI SM Class A Appraisal Results 2011 End-Year Update CMMI for SCAMPI SM Class A 2011 End-Year Update Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 1 Outline Introduction Current Status Community Trends Organizational Trends

More information

Model Checking: An Introduction

Model Checking: An Introduction Announcements Model Checking: An Introduction Meeting 2 Office hours M 1:30pm-2:30pm W 5:30pm-6:30pm (after class) and by appointment ECOT 621 Moodle problems? Fundamentals of Programming Languages CSCI

More information

Network Flow Analysis in Information Security Strategy

Network Flow Analysis in Information Security Strategy Network Flow Analysis in Information Security Strategy Timothy J. Shimeall, Ph.D. Situational Awareness Team January, 2015 2015 Carnegie Mellon University Copyright 2014 Carnegie Mellon University This

More information

Formal Verification and Linear-time Model Checking

Formal Verification and Linear-time Model Checking Formal Verification and Linear-time Model Checking Paul Jackson University of Edinburgh Automated Reasoning 21st and 24th October 2013 Why Automated Reasoning? Intellectually stimulating and challenging

More information

Copyright 2014 Carnegie Mellon University The Cyber Resilience Review is based on the Cyber Resilience Evaluation Method and the CERT Resilience

Copyright 2014 Carnegie Mellon University The Cyber Resilience Review is based on the Cyber Resilience Evaluation Method and the CERT Resilience Copyright 2014 Carnegie Mellon University The Cyber Resilience Review is based on the Cyber Resilience Evaluation Method and the CERT Resilience Management Model (CERT-RMM), both developed at Carnegie

More information

Migrating a Large Scale Legacy IT System to a System with Current Technology

Migrating a Large Scale Legacy IT System to a System with Current Technology Migrating a Large Scale Legacy IT System to a System with Current Technology Bill Wood, Mike Gagliardi, Phil Bianco 4/18/2014 Migration Planning 1 Copyright 2014 Carnegie Mellon University and IEEE This

More information

Department of Homeland Security Cyber Resilience Review (Case Study) Matthew Butkovic Technical Manager - Cybersecurity Assurance, CERT Division

Department of Homeland Security Cyber Resilience Review (Case Study) Matthew Butkovic Technical Manager - Cybersecurity Assurance, CERT Division Department of Homeland Security Cyber Resilience Review (Case Study) Matthew Butkovic Technical Manager - Cybersecurity Assurance, CERT Division Matthew Butkovic is a Technical Manager Cybersecurity Assurance

More information

Context-Bounded Model Checking of LTL Properties for ANSI-C Software. Jeremy Morse, Lucas Cordeiro, Bernd Fischer, Denis Nicole

Context-Bounded Model Checking of LTL Properties for ANSI-C Software. Jeremy Morse, Lucas Cordeiro, Bernd Fischer, Denis Nicole Context-Bounded Model Checking of LTL Properties for ANSI-C Software Jeremy Morse, Lucas Cordeiro, Bernd Fischer, Denis Nicole Model Checking C Model checking: normally applied to formal state transition

More information

Arcade Game Maker Pedagogical Product Line: Marketing and Product Plan

Arcade Game Maker Pedagogical Product Line: Marketing and Product Plan Arcade Game Maker Pedagogical Product Line: Marketing and Product Plan Arcade Game Team July 2003 Unlimited distribution subject to the copyright. This work is sponsored by the U.S. Department of Defense.

More information

Using Patterns and Composite Propositions to Automate the Generation of Complex LTL

Using Patterns and Composite Propositions to Automate the Generation of Complex LTL University of Texas at El Paso DigitalCommons@UTEP Departmental Technical Reports (CS) Department of Computer Science 8-1-2007 Using Patterns and Composite Propositions to Automate the Generation of Complex

More information

Risk Management Framework

Risk Management Framework Risk Management Framework Christopher J. Alberts Audrey J. Dorofee August 2010 TECHNICAL REPORT CMU/SEI-2010-TR-017 ESC-TR-2010-017 Acquisition Support Program Unlimited distribution subject to the copyright.

More information

Upgrading Intel AMT 5.0 drivers to Linux kernel v2.6.31

Upgrading Intel AMT 5.0 drivers to Linux kernel v2.6.31 White Paper Zerene Sangma Platform Application Engineer Intel Corporation Upgrading Intel AMT 5.0 drivers to Linux kernel v2.6.31 For Intel Q45 and Intel GM45 based embedded platforms June 2010 323961

More information

Formal Verification Methods 3: Model Checking

Formal Verification Methods 3: Model Checking Formal Verification Methods 3: Model Checking John Harrison Intel Corporation Marktoberdorf 2003 Fri 1st August 2003 (11:25 12:10) This presentation was not given in Marktoberdorf since it mostly duplicates

More information

An Application of an Iterative Approach to DoD Software Migration Planning

An Application of an Iterative Approach to DoD Software Migration Planning An Application of an Iterative Approach to DoD Software Migration Planning John Bergey Liam O Brien Dennis Smith September 2002 Product Line Practice Initiative Unlimited distribution subject to the copyright.

More information

How Programmers Use Internet Resources to Aid Programming

How Programmers Use Internet Resources to Aid Programming How Programmers Use Internet Resources to Aid Programming Jeffrey Stylos Brad A. Myers Computer Science Department and Human-Computer Interaction Institute Carnegie Mellon University 5000 Forbes Ave Pittsburgh,

More information

A Logic Approach for LTL System Modification

A Logic Approach for LTL System Modification A Logic Approach for LTL System Modification Yulin Ding and Yan Zhang School of Computing & Information Technology University of Western Sydney Kingswood, N.S.W. 1797, Australia email: {yding,yan}@cit.uws.edu.au

More information

SOA for Healthcare: Promises and Pitfalls

SOA for Healthcare: Promises and Pitfalls SOA for Healthcare: Promises and Pitfalls Dennis B. Smith dbs@sei.cmu.edu SOA in Health Care Conference: Value in a Time of Change Chicago, IL USA June 3, 2009 Agenda Healthcare IT Challenges SOA: The

More information

Portions derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm.

Portions derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm. Portions derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm. The Apache Software License, Version 1.1 Copyright (c) 1999-2001 The Apache Software Foundation. All rights reserved. 3.

More information

Algorithmic Software Verification

Algorithmic Software Verification Algorithmic Software Verification (LTL Model Checking) Azadeh Farzan What is Verification Anyway? Proving (in a formal way) that program satisfies a specification written in a logical language. Formal

More information

CardAccess. Firewall Configuration Guide. (For Windows 7 Pro, Windows 8.1 Pro, Windows Server 2008 R2 and Windows 2012 R2) CardAccess

CardAccess. Firewall Configuration Guide. (For Windows 7 Pro, Windows 8.1 Pro, Windows Server 2008 R2 and Windows 2012 R2) CardAccess CardAccess Firewall Configuration Guide (For Windows 7 Pro, Windows 8.1 Pro, Windows Server 2008 R2 and Windows 2012 R2) DATE: 11 JULY 2014 DOCUMENT PERTAINS TO: CONFIGURING THE WINDOWS FIREWALL REVISION:

More information

Device Management API for Windows* and Linux* Operating Systems

Device Management API for Windows* and Linux* Operating Systems Device Management API for Windows* and Linux* Operating Systems Library Reference September 2004 05-2222-002 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS

More information

The CERT Top 10 List for Winning the Battle Against Insider Threats

The CERT Top 10 List for Winning the Battle Against Insider Threats The CERT Top 10 List for Winning the Battle Against Insider Threats Dawn Cappelli CERT Insider Threat Center Software Engineering Institute Carnegie Mellon University Session ID: STAR-203 Session Classification:

More information

Software Security Engineering: A Guide for Project Managers

Software Security Engineering: A Guide for Project Managers Software Security Engineering: A Guide for Project Managers Gary McGraw Julia H. Allen Nancy Mead Robert J. Ellison Sean Barnum May 2013 ABSTRACT: Software is ubiquitous. Many of the products, services,

More information

Software Model Checking: Theory and Practice

Software Model Checking: Theory and Practice Software Model Checking: Theory and Practice Lecture: Secification Checking - Temoral Logic Coyright 2004, Matt Dwyer, John Hatcliff, and Robby. The syllabus and all lectures for this course are coyrighted

More information

Trends in SwA Practice: Education and Adoption

Trends in SwA Practice: Education and Adoption Trends in SwA Practice: Education and Adoption Carol Woody, Ph.D. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 March 9, 2010 Academia Contributes to Software Assurance

More information

A Study of Systems Engineering Effectiveness. Building a Business Case for Systems Engineering

A Study of Systems Engineering Effectiveness. Building a Business Case for Systems Engineering Building a Business Case for Systems Engineering NO WARRANTY THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES

More information

Software Modeling and Verification

Software Modeling and Verification Software Modeling and Verification Alessandro Aldini DiSBeF - Sezione STI University of Urbino Carlo Bo Italy 3-4 February 2015 Algorithmic verification Correctness problem Is the software/hardware system

More information

An Oracle Benchmarking Study February 2011. Oracle Insurance Insbridge Enterprise Rating: Performance Assessment

An Oracle Benchmarking Study February 2011. Oracle Insurance Insbridge Enterprise Rating: Performance Assessment An Oracle Benchmarking Study February 2011 Oracle Insurance Insbridge Enterprise Rating: Performance Assessment Executive Overview... 1 RateManager Testing... 2 Test Environment... 2 Test Scenarios...

More information

Device Management API for Windows* and Linux* Operating Systems

Device Management API for Windows* and Linux* Operating Systems Device Management API for Windows* and Linux* Operating Systems Library Reference August 2005 05-2222-003 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS

More information

What Are Certificates?

What Are Certificates? The Essentials Series: Code-Signing Certificates What Are Certificates? sponsored by by Don Jones W hat Are Certificates?... 1 Digital Certificates and Asymmetric Encryption... 1 Certificates as a Form

More information

Testing LTL Formula Translation into Büchi Automata

Testing LTL Formula Translation into Büchi Automata Testing LTL Formula Translation into Büchi Automata Heikki Tauriainen and Keijo Heljanko Helsinki University of Technology, Laboratory for Theoretical Computer Science, P. O. Box 5400, FIN-02015 HUT, Finland

More information

RMFT Event Viewer Messages

RMFT Event Viewer Messages RMFT Event Viewer Messages Software Version 2.4.3 March 6, 2011 RepliWeb, Inc., 6441 Lyons Road, Coconut Creek, FL 33073 Tel: (954) 946-2274, Fax: (954) 337-6424 E-mail: info@repliweb.com, Support: http://support.repliweb.com

More information

Operationally Critical Threat, Asset, and Vulnerability Evaluation SM (OCTAVE SM ) Framework, Version 1.0

Operationally Critical Threat, Asset, and Vulnerability Evaluation SM (OCTAVE SM ) Framework, Version 1.0 Operationally Critical Threat, Asset, and Vulnerability Evaluation SM (OCTAVE SM ) Framework, Version 1.0 Christopher J. Alberts Sandra G. Behrens Richard D. Pethia William R. Wilson June 1999 TECHNICAL

More information

Automata-based Verification - I

Automata-based Verification - I CS3172: Advanced Algorithms Automata-based Verification - I Howard Barringer Room KB2.20: email: howard.barringer@manchester.ac.uk March 2006 Supporting and Background Material Copies of key slides (already

More information

CRM to Exchange Synchronization

CRM to Exchange Synchronization CRM to Exchange Synchronization Product Registration Instructions VERSION 2.0 DATE PREPARED: 1/1/2013 DEVELOPMENT: BRITE GLOBAL, INC. 2012 Brite Global, Incorporated. All rights reserved. The information

More information

Using Check Boxes and Radio Buttons

Using Check Boxes and Radio Buttons DocuSign Quick Start Guide Using Check Boxes and Radio Buttons Overview When adding fields to a document, there might be times when you want to let your recipient select options on the document and you

More information

Structuring the Chief Information Security Officer Organization

Structuring the Chief Information Security Officer Organization Structuring the Chief Information Security Officer Organization December 1, 2015 Julia Allen Nader Mehravari Cyber Risk and Resilience Management Team CERT Division Software Engineering Institute Carnegie

More information

Service Measurement Index Framework Version 2.1

Service Measurement Index Framework Version 2.1 Service Measurement Index Framework Version 2.1 July 2014 CSMIC Carnegie Mellon University Silicon Valley Moffett Field, CA USA Introducing the Service Measurement Index (SMI) The Service Measurement Index

More information

Model Checking based Software Verification

Model Checking based Software Verification Model Checking based Software Verification 18.5-2006 Keijo Heljanko Keijo.Heljanko@tkk.fi Department of Computer Science and Engineering Helsinki University of Technology http://www.tcs.tkk.fi/~kepa/ 1/24

More information

SQL Server 2008 R2 Installation Guide. (For use on CardAccess 3000 V2.8.x and V2.9.x) REVISION Rev A

SQL Server 2008 R2 Installation Guide. (For use on CardAccess 3000 V2.8.x and V2.9.x) REVISION Rev A SQL Server 2008 R2 Installation Guide (For use on CardAccess 3000 V2.8.x and V2.9.x) REVISION Rev A DATE: 10/08/2014 1 DISCLAIMER Continental Instruments LLC makes no representations or warranties with

More information

Model Checking of Software

Model Checking of Software Model Checking of Software Patrice Godefroid Bell Laboratories, Lucent Technologies SpecNCheck Page 1 August 2001 A Brief History of Model Checking Prehistory: transformational programs and theorem proving

More information

ALTIRIS Software Delivery Solution for Windows 6.1 SP3 Product Guide

ALTIRIS Software Delivery Solution for Windows 6.1 SP3 Product Guide ALTIRIS Software Delivery Solution for Windows 6.1 SP3 Product Guide Notice Altiris Software Delivery Solution for Windows 6.1 SP3 Product Guide 2007 Altiris, Inc. All rights reserved. Document Date: February

More information

Microsoft Expression Studio. Using Microsoft Expression Studio on the Mac

Microsoft Expression Studio. Using Microsoft Expression Studio on the Mac Microsoft Expression Studio Using Microsoft Expression Studio on the Mac Contents Expression Studio 2 and the Mac... 1 Preparing to install Expression Studio... 1 If you have the Expression Professional

More information

Software Assurance vs. Security Compliance: Why is Compliance Not Enough? Carol Woody, Ph.D.

Software Assurance vs. Security Compliance: Why is Compliance Not Enough? Carol Woody, Ph.D. Software Assurance vs. Security Compliance: Why is Compliance Not Enough? Carol Woody, Ph.D. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 2012 Carnegie Mellon University

More information

New SMTP client for sending Internet mail

New SMTP client for sending Internet mail IBM Software Group Enterprise Networking Solutions z/os V1R11 Communications Server New SMTP client for sending Internet mail z/os Communications Server Development, Raleigh, North Carolina This presentation

More information

Introduction to SPIN. Acknowledgments. Parts of the slides are based on an earlier lecture by Radu Iosif, Verimag. Ralf Huuck. Features PROMELA/SPIN

Introduction to SPIN. Acknowledgments. Parts of the slides are based on an earlier lecture by Radu Iosif, Verimag. Ralf Huuck. Features PROMELA/SPIN Acknowledgments Introduction to SPIN Parts of the slides are based on an earlier lecture by Radu Iosif, Verimag. Ralf Huuck Ralf Huuck COMP 4152 1 Ralf Huuck COMP 4152 2 PROMELA/SPIN PROMELA (PROcess MEta

More information

Quick Start Guide. June 3, 2012

Quick Start Guide. June 3, 2012 The ERIGONE Model Checker Quick Start Guide Mordechai (Moti) Ben-Ari Department of Science Teaching Weizmann Institute of Science Rehovot 76100 Israel http://stwww.weizmann.ac.il/g-cs/benari/ June 3, 2012

More information

Microsoft Dynamics GP. Payroll Connect

Microsoft Dynamics GP. Payroll Connect Microsoft Dynamics GP Payroll Connect Copyright Copyright 2005 Microsoft Corporation. All rights reserved. Complying with all applicable copyright laws is the responsibility of the user. Without limiting

More information

Today s Agenda. Automata and Logic. Quiz 4 Temporal Logic. Introduction Buchi Automata Linear Time Logic Summary

Today s Agenda. Automata and Logic. Quiz 4 Temporal Logic. Introduction Buchi Automata Linear Time Logic Summary Today s Agenda Quiz 4 Temporal Logic Formal Methods in Software Engineering 1 Automata and Logic Introduction Buchi Automata Linear Time Logic Summary Formal Methods in Software Engineering 2 1 Buchi Automata

More information

DEPLOYMENT ROADMAP March 2015

DEPLOYMENT ROADMAP March 2015 DEPLOYMENT ROADMAP March 2015 Copyright and Disclaimer This document, as well as the software described in it, is furnished under license of the Instant Technologies Software Evaluation Agreement and may

More information

RSA Two Factor Authentication

RSA Two Factor Authentication RSA Two Factor Authentication VERSION: 1.0 UPDATED: MARCH 2014 Copyright 2002-2014 KEMP Technologies, Inc. All Rights Reserved. Page 1 / 16 Copyright Notices Copyright 2002-2014 KEMP Technologies, Inc..

More information

HI-TECH C SETUP GUIDE. Hi-Tech C - Setup Guide..

HI-TECH C SETUP GUIDE. Hi-Tech C - Setup Guide.. Hi-Tech C - Setup Guide.. 1. Introduction and overview The HI-TECH C Compiler for PIC10/12/16 MCUs (Lite mode) is a freeware compiler. It supports all PIC10, PIC12 and PIC16 series devices. The features

More information

TECHILA INTERCONNECT END-USER GUIDE

TECHILA INTERCONNECT END-USER GUIDE TECHILA INTERCONNECT END-USER GUIDE 16 NOVEMBER 2015 TECHILA INTERCONNECT 2/17 16 NOVEMBER 2015 Disclaimer Techila Technologies Ltd. disclaims any and all warranties, express, implied or statutory regarding

More information

Definiens. Enterprise Image Intelligence Suite 7.0.10. Release Notes. www.definiens.com

Definiens. Enterprise Image Intelligence Suite 7.0.10. Release Notes. www.definiens.com Definiens Enterprise Image Intelligence Suite 7.0.10 Release Notes www.definiens.com Imprint and Version Document Version 7.0.10 Copyright 2010 Definiens AG. All rights reserved. This document may be copied

More information

Temporal Logics. Computation Tree Logic

Temporal Logics. Computation Tree Logic Temporal Logics CTL: definition, relationship between operators, adequate sets, specifying properties, safety/liveness/fairness Modeling: sequential, concurrent systems; maximum parallelism/interleaving

More information